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Trusted Third Party 

1. Certifies the KDS technical solution. 

2. Creates the decryption 

key pairs and delivers 
to vendor and lottery. 

3. Monitors instant ticket 

vendor during ticket 
manufacturing. 

4. Audits the KDS ^ ^ 

Transaction Log File. 

5. Ensures that KDS shuffle 

seeds are logically and physically 
deleted after tickets ship to Lottery. 

6. Secures one of the two passwords to the 

KDS Translation Server. 

7. Performs routine inspections of the KDS 

System. 
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Keyed Dual Security Subsystem 
allows Lottery Security to request 
ticket reconstruction by translating 
P2 imaged pack number into P1 
pack number 
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An instant ticket vendor develops 
a KDS shuffle algorithm which is 
audited and certified by a Trusted 
Third Party. The connpleted 
algorithm is loaded on a KDS 
Translation Server. 



The Trusted Third Party creates a 
public/private key pair and (1) 
delivers the public key to the Lottery 
and (2) installs the associated 
private key on the KDS Translation 
Server at the instant ticket vendor. 



A lottery administration, preferably 
its security department, creates 
KDS shuffle seeds for the game. 
The seeds are encrypted using 
the public key and electronically 
delivered to the Instant ticket 
vendor. 
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The instant ticket vendor loads the 
encrypted KDS shuffle seeds onto 
the KDS Translation Server. The 
server now contains the three 
components necessary to translate 
between the P1 and P2 domains: 
the KDS shuffle algorithm, the KDS 
shuffle seeds and the private key. 



The game programming 
department of the instant ticket 
vendor generates and audits the 
ticket data file for the game. 



The ticket data file is sent to the 
KDS Translation Server for 
shuffling. 



The KDS Translation Server uses 
the private key to decrypt the 
encrypted KDS Shuffle seeds for 
that game. 



The KDS Translation Server, using the 
KDS shuffle algorithm, the encrypted 
KDS Shuffle seeds and the private 
key, transforms the P1 domain pack 
numbers In the ticket data file (P1) into 
the shuffled (P2) pack numbers. The 
KDS transaction is logged to a KDS 
Log Server. 



The shuffled pack numbers are 
written to a ticket image file for the 
game and is the data is audited. 
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The ticket image file Is delivered to 
the manufacturing process where 
the file is used to image the P2 
domain ticket identification data, the 
play indicia, the validation number 
and the barcode onto the instant 
tickets. 
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The instant game is packaged; all 
damaged packs are identified and 
omitted by the Packaging System. A 
file of non-omitted P2 domain packs 
is created and delivered to the KDS 
Translation Server. 



The KDS Translation Server, using 
the KDS Shuffle algorithm, the 
encrypted KDS Shuffle seeds and 
the private key, unshuffles the P2 
domain pack number file. The 
resulting file Is a P1 domain file of 
packs that have survived the 
production process. The KDS 
transaction is logged to the KDS Log 
Server. 



The KDS Translation Server, 
using the KDS Shuffle algorithm, 
the encrypted KDS Shuffle seeds 
and the private key, translates the 
P1 'pluck' file into a P2 'pluck' file. 
The KDS transaction is logged to 
the KDS Log Server. 



The Game Generation program 
reads the P1 domain shipment file to 
determine which packs must be 
removed from the production run. 
This file is created and delivered to 
the KDS Translation Server. 



Instant ticket Security personnel 
and packaging personnel use the 
P2 'pluck' file to remove packs 
from the production run. 



The Packaging System sends an 
updated P2 domain file of non- 
omitted packs to the KDS 
Translation Server. 




The KDS Translation Server, using 
the KDS Shuffle algorithm, the 
encrypted KDS Shuffle seeds and 
the private key, unshuffles the P2 
domain pack number file. The 
resulting file is a P1 domain file of 
packs that have survived the 
production process. The KDS 
transaction is logged to the KDS Log 
Server. 



The KDS Translation Server, 
using the KDS Shuffle 
algorithm, the encrypted KDS 
Shuffle seeds and the private 
key, shuffles the P1 domain 
Shipment and Validation files 
into the P2 domain. The files 
are delivered to the Lottery and 
the transactions are logg^ to 
the KDS Log Server. 



The game generation 
program processes P1 
domain shipment flie and 
creates the End of 
Production Prize Structure 
report. This report details 
the value of the good packs 
set for delivery. The report 
is delivered to the Lottery. 



The P1 domain file is 
further processed by the 
game generation program 
which creates and formats 
the Validation files and 
Shipment files in the P1 
domain. These files are 
delivered to the KDS 
Translation Server. 
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